49bf6920fdf3cbb5ffaaae08dd876cc54044595e08cd2605b681d052abb6baad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49bf6920fdf3cbb5ffaaae08dd876cc54044595e08cd2605b681d052abb6baad
Size

91KB
MD5

89185fbb6d6c9dfabbb7b48cac3ed9e7
SHA1

13450aeac7fadd90c1295d24e2cced76b012dfc0
SHA256

49bf6920fdf3cbb5ffaaae08dd876cc54044595e08cd2605b681d052abb6baad
SHA512

9b1bb8ccbfb6097199d349602db78cb651c9dc3c6fa05d265168682ee17d6d9096a4289c94bbee1f83594572fa310a91fe1b0a158df70276e82d2871e8d583e2
SSDEEP

1536:+Ar0vwrMCLNj2F4XMZaQ5vAi/+vSfzr/9VbCHE4ZNXHpPONXMrep/528UvcMbdB:ljrMC8OnBiGvSfn/d4LXsi6B528Uv55

Score

N/A

Malware Config

Signatures

Files

49bf6920fdf3cbb5ffaaae08dd876cc54044595e08cd2605b681d052abb6baad
.exe windows x86

5058da4cdcc925581f1a2fbd4879bc36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileValidData
SetProcessWorkingSetSize
BeginUpdateResourceW
GetLogicalDriveStringsA
GetPrivateProfileStructA
CancelIo
CreateMailslotA
VirtualAllocEx
FormatMessageA
TransmitCommChar
CreateSemaphoreA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trdata
Size: 25KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE